US20220058259A1 - Information processing device, verification system, and information processing method - Google Patents
Information processing device, verification system, and information processing method Download PDFInfo
- Publication number
- US20220058259A1 US20220058259A1 US17/420,329 US201917420329A US2022058259A1 US 20220058259 A1 US20220058259 A1 US 20220058259A1 US 201917420329 A US201917420329 A US 201917420329A US 2022058259 A1 US2022058259 A1 US 2022058259A1
- Authority
- US
- United States
- Prior art keywords
- information processing
- verification
- value
- cluster
- processing device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012795 verification Methods 0.000 title claims abstract description 507
- 230000010365 information processing Effects 0.000 title claims abstract description 388
- 238000003672 processing method Methods 0.000 title claims description 16
- 238000000034 method Methods 0.000 claims abstract description 73
- 230000004044 response Effects 0.000 claims abstract description 63
- 230000005540 biological transmission Effects 0.000 claims abstract description 17
- 238000012545 processing Methods 0.000 claims description 66
- 238000004891 communication Methods 0.000 description 30
- 238000010586 diagram Methods 0.000 description 20
- 230000006870 function Effects 0.000 description 11
- 235000008694 Humulus lupulus Nutrition 0.000 description 5
- 230000015654 memory Effects 0.000 description 5
- 238000012544 monitoring process Methods 0.000 description 5
- 238000001514 detection method Methods 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 230000004931 aggregating effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012806 monitoring device Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Definitions
- the present invention relates to an information processing device, a verification system, and an information processing method for verification of a program.
- patent literature 1 discloses a method of determining security breach using an eigenvalue of firmware of a device.
- the eigenvalue of firmware is calculated by the device.
- an external monitoring entity determines whether there is potential security breach based on an eigenvalue stored in advance.
- the external monitoring entity needs to access a storage unit that stores eigenvalues.
- a first problem is that a number of eigenvalues to be stored increases. This is because there are a large number of IoT devices in an IoT system and it is necessary to hold eigenvalues for the respective devices. An increase in the number of eigenvalues leads to an increase in required capacity of the storage unit. An increase in the capacity of the storage unit leads to a decrease in access speed to required information and an increase in cost.
- a second problem is that the access to the storage unit is concentrated in a case where there are a plurality of monitoring entities and devices to be verified. This is because the respective monitoring entities access the storage unit when the plurality of monitoring entities verify the devices. That is, when there are a plurality of devices to be verified, the number of times of verification itself increases, and the number of accesses to the storage unit increases.
- the concentration of access to the storage unit leads to an increase in time required for verification, a loss of transmission information, and the like.
- an object of the present invention is to provide an information processing device, a verification system, and an information processing method for performing device verification while preventing an increase in capacity of a storage unit and the concentration of access to the storage unit.
- An information processing device includes configuration information storage means for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, verification information management means for managing a first value corresponding to a content of a program of each of the information processing devices in the system, and verification means for deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request, wherein the verification means transmits the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifies the program in the information processing device by comparing the second value received from the information processing device with the first value.
- a verification system includes a verification server including configuration information storage means for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, and verification information management means for managing a first value corresponding to a content of a program of each of the information processing devices in the system, and an information processing device, belonging to a cluster to which the verification server belongs, including verification response means for deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request, wherein the verification server further comprises verification means for transmits the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifies the program in the information processing device by comparing the second value received from the information processing device with the first value.
- An information processing method includes storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, managing a first value corresponding to a content of a program of each of the information processing devices in the system, deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request, and transmitting the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifying a program in the information processing device by comparing the second value received from the information processing device with the first value.
- An information processing program causes a computer to execute a process of managing a first value corresponding to a content of a program of each of information processing devices in a system including a plurality of the information processing devices, a process of deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request, and a process of transmitting a verification request to the information processing device in a cluster identified by cluster configuration information making it possible to identify which cluster each information processing device in the system including multiple information processing devices belongs to, and verifying a program in the information processing device by comparing the second value received from the information processing device with the first value.
- the device verification can be performed while preventing the increase in the capacity of the storage unit and the concentration of access to the storage unit.
- FIG. 1 It depicts an explanatory diagram illustrating an example of a system including an information processing device.
- FIG. 2 It depicts a block diagram illustrating a configuration example of an information processing device according to a first example embodiment.
- FIG. 3 It depicts a flowchart illustrating verification processing executed by the information processing device according to the first example embodiment.
- FIG. 4 It depicts a block diagram illustrating a configuration example of an information processing device according to a second example embodiment.
- FIG. 5 It depicts a flowchart illustrating a cluster configuration method in the second example embodiment.
- FIG. 6 It depicts a flowchart illustrating a cluster configuration method in a third example embodiment.
- FIG. 7 It depicts a flowchart illustrating a cluster configuration method in a fourth example embodiment.
- FIG. 8 It depicts a block diagram illustrating a configuration example of an information processing device according to a fifth example embodiment.
- FIG. 9 It depicts an explanatory diagram illustrating an example of a system including an information processing device.
- FIG. 10 It depicts a block diagram illustrating a configuration example of an information processing device according to a sixth example embodiment.
- FIG. 11 It depicts a block diagram illustrating a configuration example of a verification server.
- FIG. 12 It depicts a flowchart illustrating verification processing executed by the information processing device according to the sixth example embodiment.
- FIG. 13 It depicts a flowchart illustrating verification processing executed by a verification unit of the verification server.
- FIG. 14 It depicts a block diagram illustrating an example of a computer having a CPU.
- FIG. 15 It depicts a block diagram illustrating the main part of an information processing device.
- FIG. 16 It depicts a block diagram illustrating the main part of a verification system.
- FIG. 1 is an explanatory diagram illustrating an example of a system including an information processing device of the present example embodiment.
- a plurality of information processing devices 100 are grouped as clusters 110 A, 110 B.
- An administrator 130 transmits configuration information of the clusters 110 A, 110 B to all the information processing devices 100 .
- the information processing device 100 stores the configuration information. It should be noted that, specifically, the administrator 130 transmits the configuration information through, for example, a server or the like handled by the administrator.
- the two clusters 110 A, 110 B are illustrated in FIG. 1 , but the number of clusters is not limited to two.
- the verification request source 120 is, for example, a server.
- the device verification includes detection of the presence or absence of an illegal modification of a program installed in the information processing device 100 and detection of the presence or absence of installation of a malicious program.
- the information processing device 100 that has received the verification request from the verification request source 120 transmits the verification request to the other information processing device 100 in a cluster to which the own device belongs.
- the information processing device 100 adjacent to another cluster among the information processing devices 100 that have received the verification request transmits the verification request to the adjacent cluster.
- the information processing device 100 that has received the verification request from the adjacent cluster transmits the verification request to the other information processing device 100 in a cluster to which the own device belongs.
- the verification request which is a trigger for starting verification
- the verification request source 120 different from the information processing device 100
- a certain information processing device 100 in a system may transmit a verification request, which is a trigger for starting verification, to the other information processing device 100 .
- FIG. 2 is a block diagram illustrating a configuration example of the information processing device 100 of the first example embodiment.
- the information processing device 100 comprises a control unit 101 , a program storage unit 102 , a communication unit 103 , a configuration information storage unit 104 , a verification unit 105 , and a verification information storage unit 106 .
- the control unit 101 is a control device that performs overall control and computational processing of the information processing device 100 .
- the program storage unit 102 stores a program executed by the control unit 101 .
- the communication unit 103 communicates with a connection destination device through a network (not shown) such as the Internet.
- the configuration information storage unit 104 stores information that can identify the information processing device 100 belonging to a cluster including the own information processing device (the information processing device 100 including the configuration information storage unit 104 ), and information that can identify the information processing device 100 belonging to a cluster adjacent to this cluster.
- Each of the information processing devices 100 is identified using identification information such as a unique identification (ID), a fixed Internet protocol (IP) address, and a media access control (MAC) address.
- ID unique identification
- IP Internet protocol
- MAC media access control
- authentication information such as a common encryption key and certificate information may be added to the identification information.
- the cluster stored in the configuration information storage unit 104 is configured by, for example, the administrator 130 of the entire system.
- the administrator 130 can configure a plurality of clusters by dividing an information processing device group (all the information processing devices 100 ) based on a certain index such that the maximum length of a distance between two arbitrary information processing devices 100 in each cluster. Examples of the index include a distance such as a number of hops in a network layer between the information processing devices 100 and a physical distance.
- the administrator 130 can also configure a plurality of clusters by dividing the information processing device group such that a number of the information processing devices 100 is uniform.
- the administrator 130 creates a first connected graph indicating a connection relationship between configured clusters and a second connected graph indicating a connection relationship between the information processing devices 100 in the respective clusters.
- Information representing the information processing devices 100 which correspond to nodes at both ends of edges of these connected graphs (the first connected graph and the second connected graph) is transmitted as configuration information to the information processing devices 100 corresponding to both the nodes.
- a connection relationship between the information processing devices 100 representing clusters is used to create the first connected graph (connected graph indicating the connection relationship between clusters).
- the configuration information storage unit 104 stores the configuration information.
- a number of edges is minimized, and the storage capacity of the configuration information storage unit 104 is reduced.
- a number of hops of a network between two arbitrary points is considered as cost, and it is possible to obtain the minimum-cost spanning tree structure using the Kruskal method or the Prim method which is an already-known algorithm.
- a complete graph is realized by storing information of all the information processing devices 100 belonging to the same cluster in each of the information processing devices 100 .
- a complete graph is obtained as one or more representative information processing devices 100 are selected for the respective clusters, and the selected information processing devices 100 collect information of the representative information processing device 100 of another cluster.
- the verification information storage unit 106 stores an eigenvalue (hereinafter, also referred to as a first value) as a first value of the other information processing device 100 calculated in advance.
- a first value it is possible to use an index value which can be calculated from an entity (for example, binary data) of a program stored in the program storage unit 102 and with which the presence or absence of tampering can be confirmed.
- the index value for example, a hash value, a checksum, or a value of an error correcting code can be used.
- the entity itself of the program can be used as the first value.
- the first value can be recalculated and used if necessary. For example, assumed is a malicious program spoofing a regular program by storing the correct first value. Then, as an example, an eigenvalue calculated by adding a random bit string to the entity itself of the program is used as the first value. Any index to be used is determined by the administrator 130 depending on a method handled by the verification unit 105 . In addition, the information processing device 100 in which the first value of the other information processing device 100 should to be stored is determined by the administrator 130 .
- the verification unit 105 When receiving the verification request, the verification unit 105 newly calculates an eigenvalue (hereinafter, also referred to as a second value) as a second value based on a program stored in the program storage unit 102 of the own information processing device (the information processing device including the verification unit 105 ) 100 . In addition, the verification unit 105 transmits the verification request to the other information processing devices 100 . Further, the verification unit 105 aggregates verification results received from the other information processing devices 100 . A series of verification requests are assigned with a single unique number. The verification unit 105 stores unique numbers as a “verified list” when each of the information processing devices 100 completes verification. The unique number is used to determine whether verification has been completed. As an example, the verified list is configured to be capable of storing a predetermined number of unique numbers. The unique numbers in the verified list are removed from the oldest one.
- an eigenvalue hereinafter, also referred to as a second value
- the communication unit 103 transmits the verification request to the other information processing devices 100 to the information processing device 100 identified by the configuration information storage unit 104 .
- the verification unit 105 verifies and aggregates a content of the response.
- the response includes identification information of the information processing device 100 of a verification request destination and the second value in the information processing device 100 .
- the response may include a verification result of another information processing device aggregated by the verification request destination.
- the verification unit 105 determines whether the verification is successful by confirming whether the received second value matches the first value stored in the verification information storage unit 106 .
- the verification unit 105 aggregates a verification result of the other information processing device 100 .
- the verification unit 105 aggregates identification information of the information processing device 100 to be verified and the success or failure of the verification.
- the verification unit 105 may simply aggregate only the number of information processing devices 100 that have succeeded in verification and the number of information processing devices 100 that have failed in verification.
- the verification unit 105 may prevent tampering by adding a signature of the information processing device 100 that has performed verification to each response. Thereafter, the verification unit 105 transmits the second value and the aggregated verification result to a verification request source.
- the verification unit 105 and the verification information storage unit 106 may be laid out in the secure storage area or the secure execution environment.
- a storage area in an integrated circuit (IC) chip such as a trusted platform module (TPM) and a secure element corresponds to the secure storage area.
- TPM trusted platform module
- SGX Intel Software Guard Extensions
- ARM TrustZone registered trademark
- FIG. 3 is a flowchart illustrating verification processing executed by the verification unit 105 in the information processing device 100 .
- the verification processing is started when a verification request is received from the outside (Step S 101 ).
- the verification unit 105 determines whether verification has been completed based on whether a unique number of the verification request is registered in a verified list (Step S 102 ).
- the verification unit 105 replies that verification has been completed to a verification request source (device that has transmitted the verification request) through the communication unit 103 (Step S 103 ), and ends the processing.
- the verification unit 105 determines whether the transmission source (request source) of the verification request is the information processing device 100 (or the verification request source 120 ) in a cluster to which the own information processing device 100 belongs based on information stored in the configuration information storage unit 104 (Step S 104 ).
- the request source is the information processing device 100 in the cluster
- the processing proceeds to Step S 107 .
- the verification unit 105 transmits a verification request to the information processing device 100 in the cluster through the communication unit 103 (Step S 105 ).
- the verification unit 105 When receiving a response (reply) to the transmitted verification request, the verification unit 105 compares a second value included in the reply with the first value stored in the verification information storage unit 106 to determine whether the verification is successful (Step S 106 ). Then, the processing proceeds to Step S 107 . It should be noted that, in a case where the first value and the second value match, the verification unit 105 determines that the verification is successful, that is, there is no illegality related to a program in the information processing device 100 that has replied.
- Step S 107 the verification unit 105 determines whether there is an adjacent cluster based on information stored in the configuration information storage unit 104 . When there is no adjacent cluster, the processing proceeds to Step S 110 . When there is an adjacent cluster, the verification unit 105 transmits a verification request to the adjacent cluster through the communication unit 103 (Step S 108 ). When receiving a response (reply) to the transmitted verification request, the verification unit 105 compares a second value included in the reply with the first value stored in the verification information storage unit 106 to determine whether the verification is successful (Step S 109 ).
- the verification unit 105 determines that the verification is successful, that is, there is no illegality related to a program in the information processing device 100 that has replied. Then, the processing proceeds to Step S 110 .
- Step S 110 the verification unit 105 aggregates verification results obtained in the process of Step S 106 and the process of Step S 109 and a verification results sent from the other information processing device 100 .
- the verification unit 105 calculates an eigenvalue based on a program stored in the program storage unit 102 in the own information processing device 100 (Step S 111 ). Then, the verification unit 105 transmits the calculated eigenvalue together with the verification result of the other information processing device 100 to the verification request source (Step S 112 ), and ends the process.
- the eigenvalue is received by the information processing device 100 which is the verification request source.
- the information processing device 100 handles the received eigenvalue as the second value.
- the verification unit 105 does not execute the process of Step S 110 .
- the verification unit 105 transmits only the eigenvalue related to the own information processing device 100 without transmitting the verification result of the other information processing device 100 in the process of Step S 112 .
- the information processing devices 100 transfer the verification requests to each other, so that verification between the information processing device 100 and the other information processing device 100 connected thereto is executed in a distributed manner. Therefore, it is possible to prevent an increase in verification information to be held by a device that performs verification and prevent the concentration of access to one storage unit as compared with a case where a single monitoring device monitors all devices in a system.
- FIG. 4 is a block diagram illustrating a configuration example of an information processing device 200 of a second example embodiment.
- the information processing device 200 comprises the control unit 101 , the program storage unit 102 , the communication unit 103 , the configuration information storage unit 104 , a verification unit 205 , the verification information storage unit 106 , and a cluster processing unit 207 .
- control unit 101 and the communication unit 103 illustrated in FIG. 4 have functions similar to those in the first example embodiment.
- a function of the verification unit 205 is different from the function of the verification unit 105 in the first example embodiment.
- the information processing devices 200 having the same program recorded in the program storage units 102 are the information processing devices 200 belonging to the same cluster. That is, verification information on the information processing device 200 in the same cluster stored in the verification information storage unit 106 is reduced using the identity of the program.
- An example of a system including the information processing device 200 is the system as shown in FIG. 1 . However, each of the information processing devices 100 in FIG. 1 is replaced with the information processing device 200 .
- the cluster processing unit 207 calculates an eigenvalue from the program stored in the program storage unit 102 in the own information processing device (the information processing device including the cluster processing unit 207 ) 200 , and makes a response to an eigenvalue request from the outside.
- the administrator 130 makes an eigenvalue request to the cluster processing unit 207 of each of the information processing devices 200 , and configures a cluster of the information processing devices 200 based on the obtained eigenvalue (corresponding to a first value).
- a first connected graph and a second connected graph are created for the configured cluster and transmitted to each of the information processing devices 200 .
- the configuration information storage unit 104 of the information processing device 200 stores configuration information. Specifically, the administrator 130 transmits the eigenvalue request and the configuration information through, for example, a server handled by the administrator 130 or the like, and receives the eigenvalue.
- the verification unit 205 executes verification processing (refer to FIG. 3 ) similar to that of the verification unit 105 in the first example embodiment. However, in the present example embodiment, the verification unit 205 determines whether verification is successful by comparing a second value, included in a response to a verification request obtained from the other information processing device 200 (the information processing device 200 other than the information processing device 200 including the verification unit 205 ) in the same cluster with the first value calculated in advance from the program stored in the program information storage unit 102 in the own information processing device 200 in the process of Step S 106 . In a case where the first value and the second value match, the verification unit 205 determines that the verification is successful, that is, there is no illegality related to a program in the information processing device 200 that has replied.
- the first value may be stored in the verification information storage unit 106 in advance, or may be calculated by the verification unit 205 every time the second value is received from the other information processing device 200 .
- the verification unit 205 can perform the verification as described above because the programs stored in the program storage units 102 of all the information processing devices 200 belonging to the same cluster are the same.
- FIG. 5 is a flowchart illustrating a cluster configuration method. This processing is executed by the administrator 130 (specifically, a server handled by the administrator 130 or the like).
- the administrator 130 requests eigenvalues as first values from all the information processing devices 200 (Step S 201 ).
- the cluster processing unit 207 calculates the eigenvalue of a program.
- the cluster processing unit 207 sends the eigenvalue to the administrator 130 through the communication unit 103 .
- the administrator 130 can collect eigenvalues of all the information processing devices 200 .
- the administrator 130 determines the identity between the programs by comparing the collected eigenvalues.
- the administrator 130 configures a cluster of the same eigenvalue (Step S 202 ). That is, the administrator 130 causes the information processing devices 200 having the programs determined to be the same to be included in the same cluster.
- the administrator 130 configures a spanning tree connecting clusters as a first connected graph (Step S 203 ).
- the administrator 130 configures a spanning tree in a cluster as a second connected graph (Step S 204 ).
- Information representing the information processing devices 200 corresponding to nodes at both ends of edges of the connected graphs (the first connected graph and the second connected graph) are transmitted to each of the information processing devices 200 (Step S 205 ), and the processing ends.
- the administrator 130 transmits the information to the information processing devices 200 corresponding to both the nodes as configuration information.
- the configuration information storage unit 104 stores the configuration information.
- the Kruskal method or the Prim method which is an algorithm for obtaining a minimum spanning tree based on a number of hops between information processing devices, can be used as a method for forming the spanning tree.
- the information processing device 200 of the present example embodiment does not necessarily store the first values of the information processing devices 200 in the same cluster in the verification information storage unit 106 . Therefore, the verification information to be held by the verification information storage unit 106 can be further reduced.
- the cluster processing unit 207 is provided separately from the verification unit 205 in the present example embodiment, but the verification unit 205 may function as the above-described cluster processing unit 207 without providing the cluster processing unit 207 .
- the information processing devices 200 having similar programs recorded in the program storage units 102 are the information processing devices 200 belonging to the same cluster. That is, the storage capacity of the verification information storage unit 106 for verification in the same cluster is reduced using a similarity of a program.
- a configuration of the information processing device 200 of the present example embodiment is the same as the configuration shown in FIG. 4 .
- the administrator 130 defines a Hamming distance based on binary values of programs, a value of a fuzzy hash of a program, and the like as an index (index value) of the similarity between programs.
- the administrator 130 (specifically, a server handled by the administrator 130 or the like) determines whether programs are similar using the index value and a predetermined threshold. For example, when the index value exceeds the predetermined threshold, it is determined that the programs are similar.
- the index value of the similarity may be simply expressed as a similarity.
- FIG. 6 is a flowchart illustrating a cluster configuration method in the present example embodiment. This processing is executed by the administrator 130 (specifically, a server handled by the administrator 130 or the like).
- the administrator 130 requests an index value of a similarity of a program from all the information processing devices 200 (Step S 301 ).
- the cluster processing unit 207 calculates the index value.
- the cluster processing unit 207 sends the index value to the administrator 130 through the communication unit 103 .
- the administrator 130 can collect index values of similarities of all the information processing devices 200 .
- the administrator 130 determines the similarity of the program by comparing the collected index values.
- the administrator 130 causes the information processing devices 200 having the close similarity to be included in the same cluster (Step S 302 ). Thereafter, the processes of Steps S 203 to S 205 are executed similarly to the case of the second example embodiment.
- the verification information storage unit 106 stores a similarity threshold or difference information between programs as verification information (corresponding to a first value) for the other information processing device 200 in the same cluster. Which verification information is to be used is determined by the administrator 130 depending on a method of the verification unit 205 .
- the verification unit 205 executes verification processing (refer to FIG. 3 ) similarly to the verification unit 105 in the first example embodiment, but in the process of Step S 106 , performs verification using a similarity with a program in the own information processing device 200 or difference information based on a verification response obtained from the other information processing device 200 in the same cluster.
- the verification unit 205 calculates an index value of the above similarity between programs as a second value handled by a verification request source in the process of Step S 111 .
- the verification unit 205 calculates a similarity between the second value (the index value of the similarity in the present example embodiment) included in the verification response and the first value calculated in advance from the program in the own information processing device 200 . Then, the verification unit 205 determines whether the verification is successful by determining whether the obtained similarity exceeds the threshold. Specifically, when the obtained similarity exceeds the threshold, the verification unit 205 determines that the verification is successful, that is, there is no illegality related to a program in the information processing device 200 that has replied.
- the verification unit 205 performs a comparison with the program in the own information processing device 200 for the same portion, and determines whether the verification is successful using the difference information for different portions. That is, when a difference is equal to or less than a predetermined degree, the verification unit 205 determines that there is no illegality related to the program in the information processing device 200 that has replied.
- the verification unit 205 can perform the verification as described above because the programs stored in the program storage units 102 of all the information processing devices 200 belonging to the same cluster are similar.
- the verification unit 205 executes verification based on the similarity, the presence or absence of tampering of a program is partially verified in the present example embodiment. In the case where the verification unit 205 executes verification using the difference information, the presence or absence of tampering of a program is verified. It should be noted that the verification unit 205 may include a similarity value used for verification and the like in a verification result as a response to a verification request.
- the information processing device 200 of the present example embodiment does not necessarily store verification information of each of the information processing devices 200 in the same cluster in the verification information storage unit 106 .
- the verification information storage unit 106 only needs to store one similarity threshold or the difference information between programs of all the information processing devices 200 in the same cluster. Therefore, the verification information to be held by the verification information storage unit 106 can be further reduced.
- the information processing devices 200 having similar program attributes recorded in the program storage units 102 are the information processing devices 200 belonging to the same cluster. That is, the storage capacity of the verification information storage unit 106 for verification in the same cluster is reduced using an attribute of a program.
- a configuration of the information processing device 200 of the present example embodiment is the same as the configuration shown in FIG. 4 .
- the administrator 130 (specifically, a server handled by the administrator 130 or the like) acquires information such as a program name and a signature of a developer and version information of a program in order to find an attribute of the program. Then, the administrator 130 determines that programs by the same developer or programs which correspond to the same program in different versions are programs having similar attributes. It should be noted that signature information of a program developer may be used to prevent tampering of the program attribute.
- the verification information storage unit 106 stores an attribute of a verification target program as verification information for the other information processing device 200 in the same cluster. Which type of attribute is to be used is determined by the administrator depending on a method of the verification unit 205 .
- FIG. 7 is a flowchart illustrating a cluster configuration method in the present example embodiment. This processing is executed by the administrator 130 (specifically, a server handled by the administrator 130 or the like).
- the administrator 130 requests attributes of programs as first values from all the information processing devices 200 (Step S 401 ).
- the cluster processing unit 207 extracts the attribute of the program.
- the cluster processing unit 207 transmits the attribute of the program to the administrator 130 through the communication unit 103 .
- the administrator 130 can collect the attributes of the programs of all the information processing devices 200 .
- the administrator 130 includes the information processing devices 200 having similar (or matching) program attributes in the same cluster (Step S 402 ). Thereafter, the processes of Steps S 203 to S 205 are executed similarly to the case of the second example embodiment.
- the verification unit 205 executes verification processing (refer to FIG. 3 ) similarly to the verification unit 105 in the first example embodiment, but confirms whether an attribute of a program in the own information processing device 200 is similar to (or matches) an attribute of a program in the other information processing device 200 using a verification response obtained from the other information processing device 200 in the same cluster and the attribute (corresponding to the first value) of the program stored in the verification information storage unit 106 in the process of Step S 106 . If the both are similar (or match), the verification unit 205 determines that the verification is successful, that is, there is no illegality related to the program in the information processing device 200 that has replied.
- the verification unit 205 reads an attribute of a program from the verification information storage unit 106 and sets the read attribute as the second value handled by a verification request source in the process of Step S 111 in the present example embodiment.
- the information processing device 200 of the present example embodiment does not necessarily store verification information of each of the information processing devices 200 in the same cluster in the verification information storage unit 106 .
- the verification information storage unit 106 only needs to store the attributes of the programs for all the information processing devices 200 in the same cluster. Therefore, the verification information to be held by the verification information storage unit 106 can be further reduced.
- FIG. 8 is a block diagram illustrating a configuration example of an information processing device of a fifth example embodiment.
- An information processing device 500 comprises the control unit 101 , the program storage unit 102 , the communication unit 103 , the configuration information storage unit 104 , the verification unit 105 , the verification information storage unit 106 , and a cluster processing unit 507 .
- control unit 101 the communication unit 103 , and the verification unit 105 illustrated in FIG. 8 have functions similar to those in the first example embodiment.
- a cluster is configured in a distributed manner in the system without the administrator 130 being involved in the configuration of the cluster.
- An example of a system including the information processing device 100 is the system as shown in FIG. 1 . However, each of the information processing devices 100 in FIG. 1 is replaced with the information processing device 500 .
- the cluster processing unit 507 in a certain information processing device 500 in the system autonomously configures a cluster.
- the cluster processing unit 507 configures a first connected graph and a second connected graph.
- the cluster processing unit 507 stores configuration information in the configuration information storage unit 104 .
- the cluster processing unit 507 requests an eigenvalue from the adjacent information processing device 500 based on the configuration information.
- the adjacent information processing device 500 transmits the eigenvalue in response to the request, the eigenvalue is received by the communication unit 103 and stored in the verification information storage unit 106 as a first value.
- the cluster processing unit 507 can use a clustering method used in a distributed system as a cluster configuration method. For example, the cluster processing unit 507 calculates cost based on a number of hops of a network. If the system is a wireless network, the cluster processing unit 507 calculates the cost based on signal intensity. The cluster processing unit 507 can configure a cluster by comparing the calculated cost with a predetermined threshold. As an example, the cluster processing unit 507 configures the cluster by obtaining a spanning tree that minimizes the cost.
- a representative node the information processing device 500 in charge of processing for the cluster configuration
- the selected leader collects pieces of information of all nodes (all the information processing devices 500 ). Then, the leader configures a first connected graph and a second connected graph based on a distance such as the number of hops between nodes. The leader transmits a unique ID of an adjacent node to each node based on configuration information (the first connected graph and the second connected graph). In each node, the configuration information storage unit 104 stores the received ID. It should be noted that selection of a representative node may be performed again to select a leader for each cluster regarding the configuration of the second connected graph. In this case, the selected leader calculates a second connected graph and transmits information of an adjacent node to each node.
- the cluster is autonomously configured in the system including the information processing device 500 of the present example embodiment. Therefore, it is unnecessary for the administrator 130 to intensively manage information of a large number of information processing devices 500 .
- one verification server is arranged in each cluster, and verification processing is performed by an information processing device and a verification server.
- FIG. 9 is an explanatory diagram illustrating an example of a system including the information processing device of the present example embodiment.
- a cluster 620 A includes one verification server 610 A in addition to a plurality of information processing devices 600 .
- a cluster 620 B includes a verification server 610 B in addition to a plurality of information processing devices 600 .
- a verification request is transmitted from a verification request source 630 to any one of the verification servers. In the example shown in FIG. 9 , the verification request is transmitted to the verification server 610 A.
- the verification server 610 A which receives the verification request, transmits the verification request to the information processing device 600 in the cluster 620 A.
- the verification server 610 A transmits the verification request to the verification server 620 B of the adjacent cluster 610 B. Then, verification processing of the entire system is performed.
- the verification request source 630 is specifically, for example, a server.
- the specific information processing device 600 and the verification server 610 A or the verification server 610 B can also start a verification request to another verification server in the present example embodiment.
- FIG. 10 is a block diagram illustrating a configuration example of the information processing device 600 of the present example embodiment.
- the information processing device 600 comprises the control unit 101 , the program storage unit 102 , the communication unit 103 , and a verification response unit 605 .
- control unit 101 and the communication unit 103 illustrated in FIG. 10 have functions similar to those in the first example embodiment.
- the verification response unit 605 newly calculates a second value from a program stored in the program storage unit 102 in the own information processing device (information processing device including the verification response unit 605 ) 600 , and makes a response to a verification request.
- a unique number is assigned to each verification request. The unique number is used to determine whether verification has been completed.
- FIG. 11 is a block diagram illustrating a configuration example of the verification server 610 .
- the verification server 610 comprises a control unit 611 , a program storage unit 612 , a communication unit 613 , a configuration information storage unit 614 , a verification unit 615 , and a verification information storage unit 616 .
- Configurations of the verification server 610 A and the verification server 610 B shown in FIG. 9 are the same as the configuration of the verification server 610 .
- the verification server 610 is illustrated in FIG. 11 in order to describe the configurations of the verification server 610 A and the verification server 610 B.
- the communication unit 613 communicates with a connection destination device through a network (not shown) such as the Internet.
- the verification unit 615 newly calculates a second value from a program stored in the program storage unit 612 in the own device (the verification server 610 ).
- the verification unit 615 transmits a verification request to the information processing device 600 through the communication unit 613 .
- the verification unit 615 makes a response to a verification request source based on a verification result.
- a unique number is assigned to each verification request. The unique number is used to determine whether verification has been completed.
- the verification unit 615 transmits the verification request, referring to information that can identify the information processing device 600 stored in the configuration information storage unit 614 .
- the verification unit 615 compares the second value included in the verification response received from the information processing device 600 with a first value included in the verification information storage unit 616 to determine whether the verification is successful. Specifically, in a case where the first value and the second value match, the verification unit 615 determines that the verification is successful, that is, there is no illegality related to a program in the information processing device 600 that has replied. In addition, the verification result of the information processing device 600 included in the verification response is aggregated. After verifying the responses of all the verification requests and calculating the own second value, the verification unit 615 transmits these results to the verification request source 630 .
- FIG. 12 is a flowchart illustrating verification processing executed by the verification response unit 605 in the information processing device 600 .
- the verification processing is started when a verification request is received from the outside (Step S 601 ).
- the verification response unit 605 in the information processing device 600 determines whether verification has been completed based on whether a unique number of the verification request is registered in a verified list (Step S 602 ).
- the verification response unit 605 replies that verification has been completed to a verification request source (device that has transmitted the verification request) through the communication unit 103 (Step S 603 ), and ends the processing.
- the verification response unit 605 calculates an eigenvalue based on information stored in the program storage unit 102 in the own information processing device 600 (Step S 604 ).
- the verification response unit 605 transmits the eigenvalue to the verification request source (Step S 605 ). Then, the processing ends.
- the eigenvalue is received by the verification server 610 (the verification servers 610 A, 610 B).
- the verification server 610 handles the received eigenvalue as a second value.
- FIG. 13 is a flowchart illustrating verification processing executed by the verification unit 615 of the verification server 610 .
- the verification processing is started when a verification request from the outside or a verification request generated by the own control unit 611 is received (Step S 611 ).
- the verification unit 615 in the verification server 610 determines whether verification has been completed based on whether a unique number of the verification request is registered in a verified list (Step S 612 ).
- the verification unit 615 replies that verification has been completed to a verification request source (verification server that has transmitted the verification request) through the communication unit 613 (Step S 613 ), and ends the processing.
- the verification unit 615 transmits a verification request to the information processing device 600 in the cluster (Step S 615 ).
- the verification unit 615 compares a second value included in the reply with a first value stored in the verification information storage unit 616 to determine whether the verification is successful (Step S 616 ). Specifically, in a case where the first value and the second value match, the verification unit 615 determines that the verification is successful, that is, there is no illegality related to a program in the information processing device 600 that has replied.
- the verification unit 615 determines whether there is an adjacent cluster based on information stored in the configuration information storage unit 614 (Step S 617 ). When there is no adjacent cluster, the processing proceeds to Step S 620 . When there is an adjacent cluster, the verification unit 615 transmits a verification request to the verification server 610 of the adjacent cluster (Step S 618 ). The verification unit 615 compares a second value in a response content with a first value of the verification information storage unit 616 to determine whether the verification is successful (Step S 619 ). Specifically, in a case where the first value and the second value match, the verification unit 615 determines that the verification is successful, that is, there is no illegality related to a program in the information processing device 600 in the adjacent cluster.
- the verification server of the adjacent cluster is the verification server 610 B in a case where the verification server 610 that transmits the verification request is the verification server 610 A when referring to FIG. 9 .
- the verification server 610 that transmits the verification request is the verification server 610 B
- the verification server of the adjacent cluster is the verification server 610 A.
- Step S 620 the verification unit 615 aggregates verification results obtained in the processing in Step S 616 and the processing in Step S 619 , and verification results transmitted from the information processing device 600 and the other verification server 610 (Step S 620 ).
- the verification unit 615 calculates an eigenvalue related to the program stored in the program storage unit 612 (Step S 621 ).
- the verification unit 615 transmits the calculated eigenvalue together with the verification result of the other information processing device to the verification request source through the communication unit 613 (Step S 622 ), and ends the processing.
- the eigenvalue is received by the verification server 610 (the verification servers 610 A and, 610 B) or the verification request source 630 .
- the verification server 610 or the verification request source 630 handles the received eigenvalue as the second value.
- the information processing device 600 and the verification server 610 transfer the verification requests to each other, so that verification among the verification server 610 , the other information processing device 600 connected thereto, and the other verification server 610 is executed in a distributed manner. Therefore, it is possible to prevent an increase in verification information and the concentration of access to one storage unit.
- the same verification method is used for all clusters in each of the above example embodiment, but the verification method may be changed for each cluster as an example.
- the second example embodiment may be adopted for a cluster including the information processing devices 100 in which the same program is stored in the program storage units 102 , and another example embodiment may be adopted for the other clusters.
- clusters are configured such that verification between information processing devices in a cluster and verification between adjacent clusters are performed in each of the above example embodiments, but more-layered cluster configuration may be constructed by further clustering one cluster.
- the verification processing in each of the above example embodiments may be realized by regarding the cluster as one information processing device.
- one cluster among a plurality of clusters having a more-layered structure is regarded as a cluster that transmits a verification request to another information processing device or cluster.
- the components in the above exemplary embodiments may be configured with a piece of hardware or a piece of software.
- the components may be configured with a plurality of pieces of hardware or a plurality of pieces of software.
- part of the components may be configured with hardware and the other part with software.
- the functions (processes) in the above exemplary embodiments may be realized by a computer having a processor such as a central processing unit (CPU), a memory, etc.
- a program for performing the method (processing) in the above exemplary embodiments may be stored in a storage device (storage medium), and the functions may be realized with the CPU executing the program stored in the storage device.
- FIG. 14 is a block diagram illustrating an example of the computer having the CPU.
- the computer can be mounted on the information processing devices 100 , 200 , 500 , 600 and can be mounted on the verification server 610 .
- the CPU 1000 executes processing in accordance with a program stored in a storage device 1001 to realize the functions in the above exemplary embodiments. That is to say, the functions of the control unit 101 , the software part of the communication unit 103 , the verification units 105 and 205 , the cluster processing units 207 and 507 , and the verification response unit 605 in the information processing devices 100 , 200 , 500 , and 600 shown in FIGS. 2, 4, 8, and 10 , and the functions of the control unit 611 , the software part of the communication unit 613 , and the verification unit 615 in the verification server 610 shown in FIG. 11 are realized.
- the storage device 1001 is, for example, a non-transitory computer readable medium.
- the non-transitory computer readable medium includes various types of tangible storage media. Specific examples of the non-transitory computer readable medium include magnetic storage media (for example, flexible disk, magnetic tape, hard disk drive), magneto-optical storage media (for example, magneto-optical disc), compact disc-read only memory (CD-ROM), compact disc-recordable (CD-R), compact disc-rewritable (CD-R/W), and semiconductor memories (for example, mask ROM, programmable ROM (PROM), erasable PROM (EPROM), flash ROM).
- the program storage unit 102 shown in FIGS. 2, 4, 8, and 10 and the program storage unit 612 shown in FIG. 11 are realized by the storage device 1001 .
- the program may be stored in various types of transitory computer readable media.
- the transitory computer readable medium is supplied with the program through, for example, a wired or wireless communication channel, or, through electric signals, optical signals, or electromagnetic waves.
- configuration information storage unit 104 and the verification information storage unit 106 shown in FIGS. 2, 4, and 8 are realized by a memory 1002 or the storage device 1001 .
- FIG. 15 is a block diagram illustrating the main part of an information processing device.
- An information processing device 10 shown in FIG. 15 comprises configuration information storage means 11 (realized by the configuration information storage unit 104 in the example embodiment) for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, verification information management means 12 (realized by the verification unit 105 , 205 and the verification information storage unit 106 in the example embodiment) for managing a first value corresponding to a content of a program of each of the information processing devices in the system, and verification means 13 (realized by the verification unit 105 , 205 in the example embodiment) for deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request, wherein the verification means transmits the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request,
- the information processing device 10 may further comprises a cluster processing means (realized by the cluster processing unit 207 , 507 in the example embodiment) for configuring the cluster based on cost between the information processing devices in the system.
- a cluster processing means realized by the cluster processing unit 207 , 507 in the example embodiment
- FIG. 16 is a block diagram illustrating the main part of a verification system.
- a verification system 20 shown in FIG. 16 comprises a verification server 30 including configuration information storage means 31 (realized by the configuration information storage unit 614 in the example embodiment) for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, and verification information management means 32 (realized by the verification unit 615 and the verification information storage unit 616 in the example embodiment) for managing a first value corresponding to a content of a program of each of the information processing devices in the system, and an information processing device 40 , belonging to a cluster to which the verification server 30 belongs, including verification response means 41 (realized by the verification response unit 605 in the example embodiment) for deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request, wherein the verification server 30 further comprises verification means 33 (
- An information processing device comprising:
- a verification system comprising:
Abstract
An information processing device 10 includes a configuration information storage unit which stores cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, a verification information management unit which manages a first value corresponding to a content of a program of each of the information processing devices in the system; and a verification unit which derives a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmits the second value to a transmission source of the verification request, wherein the verification unit verifies the program in the information processing device by comparing the second value received from the information processing device with the first value.
Description
- The present invention relates to an information processing device, a verification system, and an information processing method for verification of a program.
- With the spread of Internet of Things (IoT) devices, security measures for guaranteeing the validity of firmware of devices have become important in the devices with low computation capability such as network cameras and smart meters.
- Such security measures have been also taken in computer systems. For example,
patent literature 1 discloses a method of determining security breach using an eigenvalue of firmware of a device. In the method, the eigenvalue of firmware is calculated by the device. Then, an external monitoring entity determines whether there is potential security breach based on an eigenvalue stored in advance. - PTL 1: Japanese Patent No. 5816373
- In the method described in
patent literature 1, the external monitoring entity needs to access a storage unit that stores eigenvalues. A first problem is that a number of eigenvalues to be stored increases. This is because there are a large number of IoT devices in an IoT system and it is necessary to hold eigenvalues for the respective devices. An increase in the number of eigenvalues leads to an increase in required capacity of the storage unit. An increase in the capacity of the storage unit leads to a decrease in access speed to required information and an increase in cost. - A second problem is that the access to the storage unit is concentrated in a case where there are a plurality of monitoring entities and devices to be verified. This is because the respective monitoring entities access the storage unit when the plurality of monitoring entities verify the devices. That is, when there are a plurality of devices to be verified, the number of times of verification itself increases, and the number of accesses to the storage unit increases. The concentration of access to the storage unit leads to an increase in time required for verification, a loss of transmission information, and the like.
- Therefore, an object of the present invention is to provide an information processing device, a verification system, and an information processing method for performing device verification while preventing an increase in capacity of a storage unit and the concentration of access to the storage unit.
- An information processing device according to the present invention includes configuration information storage means for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, verification information management means for managing a first value corresponding to a content of a program of each of the information processing devices in the system, and verification means for deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request, wherein the verification means transmits the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifies the program in the information processing device by comparing the second value received from the information processing device with the first value.
- A verification system according to the present invention includes a verification server including configuration information storage means for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, and verification information management means for managing a first value corresponding to a content of a program of each of the information processing devices in the system, and an information processing device, belonging to a cluster to which the verification server belongs, including verification response means for deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request, wherein the verification server further comprises verification means for transmits the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifies the program in the information processing device by comparing the second value received from the information processing device with the first value.
- An information processing method according to the present invention includes storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, managing a first value corresponding to a content of a program of each of the information processing devices in the system, deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request, and transmitting the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifying a program in the information processing device by comparing the second value received from the information processing device with the first value.
- An information processing program according to the present invention causes a computer to execute a process of managing a first value corresponding to a content of a program of each of information processing devices in a system including a plurality of the information processing devices, a process of deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request, and a process of transmitting a verification request to the information processing device in a cluster identified by cluster configuration information making it possible to identify which cluster each information processing device in the system including multiple information processing devices belongs to, and verifying a program in the information processing device by comparing the second value received from the information processing device with the first value.
- According to the present invention, the device verification can be performed while preventing the increase in the capacity of the storage unit and the concentration of access to the storage unit.
-
FIG. 1 It depicts an explanatory diagram illustrating an example of a system including an information processing device. -
FIG. 2 It depicts a block diagram illustrating a configuration example of an information processing device according to a first example embodiment. -
FIG. 3 It depicts a flowchart illustrating verification processing executed by the information processing device according to the first example embodiment. -
FIG. 4 It depicts a block diagram illustrating a configuration example of an information processing device according to a second example embodiment. -
FIG. 5 It depicts a flowchart illustrating a cluster configuration method in the second example embodiment. -
FIG. 6 It depicts a flowchart illustrating a cluster configuration method in a third example embodiment. -
FIG. 7 It depicts a flowchart illustrating a cluster configuration method in a fourth example embodiment. -
FIG. 8 It depicts a block diagram illustrating a configuration example of an information processing device according to a fifth example embodiment. -
FIG. 9 It depicts an explanatory diagram illustrating an example of a system including an information processing device. -
FIG. 10 It depicts a block diagram illustrating a configuration example of an information processing device according to a sixth example embodiment. -
FIG. 11 It depicts a block diagram illustrating a configuration example of a verification server. -
FIG. 12 It depicts a flowchart illustrating verification processing executed by the information processing device according to the sixth example embodiment. -
FIG. 13 It depicts a flowchart illustrating verification processing executed by a verification unit of the verification server. -
FIG. 14 It depicts a block diagram illustrating an example of a computer having a CPU. -
FIG. 15 It depicts a block diagram illustrating the main part of an information processing device. -
FIG. 16 It depicts a block diagram illustrating the main part of a verification system. - Hereinafter, example embodiments of the present invention will be described with reference to the accompanying drawings.
-
FIG. 1 is an explanatory diagram illustrating an example of a system including an information processing device of the present example embodiment. In the example illustrated inFIG. 1 , a plurality ofinformation processing devices 100 are grouped asclusters 110A, 110B. Anadministrator 130 transmits configuration information of theclusters 110A, 110B to all theinformation processing devices 100. Theinformation processing device 100 stores the configuration information. It should be noted that, specifically, theadministrator 130 transmits the configuration information through, for example, a server or the like handled by the administrator. In addition, the twoclusters 110A, 110B are illustrated inFIG. 1 , but the number of clusters is not limited to two. - When a verification request is transmitted from a
verification request source 120, device verification is started. Theverification request source 120 is, for example, a server. The device verification includes detection of the presence or absence of an illegal modification of a program installed in theinformation processing device 100 and detection of the presence or absence of installation of a malicious program. Theinformation processing device 100 that has received the verification request from theverification request source 120 transmits the verification request to the otherinformation processing device 100 in a cluster to which the own device belongs. Theinformation processing device 100 adjacent to another cluster among theinformation processing devices 100 that have received the verification request transmits the verification request to the adjacent cluster. Theinformation processing device 100 that has received the verification request from the adjacent cluster transmits the verification request to the otherinformation processing device 100 in a cluster to which the own device belongs. InFIG. 1 , it is illustrated that the verification request, which is a trigger for starting verification, is transmitted from theverification request source 120 different from theinformation processing device 100, but a certaininformation processing device 100 in a system may transmit a verification request, which is a trigger for starting verification, to the otherinformation processing device 100. -
FIG. 2 is a block diagram illustrating a configuration example of theinformation processing device 100 of the first example embodiment. Theinformation processing device 100 comprises acontrol unit 101, aprogram storage unit 102, acommunication unit 103, a configurationinformation storage unit 104, averification unit 105, and a verificationinformation storage unit 106. - The
control unit 101 is a control device that performs overall control and computational processing of theinformation processing device 100. Theprogram storage unit 102 stores a program executed by thecontrol unit 101. Thecommunication unit 103 communicates with a connection destination device through a network (not shown) such as the Internet. - The configuration
information storage unit 104 stores information that can identify theinformation processing device 100 belonging to a cluster including the own information processing device (theinformation processing device 100 including the configuration information storage unit 104), and information that can identify theinformation processing device 100 belonging to a cluster adjacent to this cluster. Each of theinformation processing devices 100 is identified using identification information such as a unique identification (ID), a fixed Internet protocol (IP) address, and a media access control (MAC) address. In order to prevent spoofing of theinformation processing device 100, authentication information such as a common encryption key and certificate information may be added to the identification information. - The cluster stored in the configuration
information storage unit 104 is configured by, for example, theadministrator 130 of the entire system. Theadministrator 130 can configure a plurality of clusters by dividing an information processing device group (all the information processing devices 100) based on a certain index such that the maximum length of a distance between two arbitraryinformation processing devices 100 in each cluster. Examples of the index include a distance such as a number of hops in a network layer between theinformation processing devices 100 and a physical distance. In addition, theadministrator 130 can also configure a plurality of clusters by dividing the information processing device group such that a number of theinformation processing devices 100 is uniform. - In addition, the
administrator 130 creates a first connected graph indicating a connection relationship between configured clusters and a second connected graph indicating a connection relationship between theinformation processing devices 100 in the respective clusters. Information representing theinformation processing devices 100, which correspond to nodes at both ends of edges of these connected graphs (the first connected graph and the second connected graph) is transmitted as configuration information to theinformation processing devices 100 corresponding to both the nodes. For example, a connection relationship between theinformation processing devices 100 representing clusters is used to create the first connected graph (connected graph indicating the connection relationship between clusters). When thecommunication unit 103 receives the configuration information in theinformation processing device 100, the configurationinformation storage unit 104 stores the configuration information. For example, in a case where these connected graphs are configured using a spanning tree structure, a number of edges is minimized, and the storage capacity of the configurationinformation storage unit 104 is reduced. For example, a number of hops of a network between two arbitrary points is considered as cost, and it is possible to obtain the minimum-cost spanning tree structure using the Kruskal method or the Prim method which is an already-known algorithm. - In addition, in a case where a connection has a complete graph structure, it is possible to increase communication failure tolerance between the respective
information processing devices 100 and to reduce the number of verification steps (the number of verification processes). Regarding the second connected graph, a complete graph is realized by storing information of all theinformation processing devices 100 belonging to the same cluster in each of theinformation processing devices 100. Regarding the first connected graph, a complete graph is obtained as one or more representativeinformation processing devices 100 are selected for the respective clusters, and the selectedinformation processing devices 100 collect information of the representativeinformation processing device 100 of another cluster. - The verification
information storage unit 106 stores an eigenvalue (hereinafter, also referred to as a first value) as a first value of the otherinformation processing device 100 calculated in advance. As the first value, it is possible to use an index value which can be calculated from an entity (for example, binary data) of a program stored in theprogram storage unit 102 and with which the presence or absence of tampering can be confirmed. As the index value, for example, a hash value, a checksum, or a value of an error correcting code can be used. - In addition, the entity itself of the program can be used as the first value. As the first value, the first value can be recalculated and used if necessary. For example, assumed is a malicious program spoofing a regular program by storing the correct first value. Then, as an example, an eigenvalue calculated by adding a random bit string to the entity itself of the program is used as the first value. Any index to be used is determined by the
administrator 130 depending on a method handled by theverification unit 105. In addition, theinformation processing device 100 in which the first value of the otherinformation processing device 100 should to be stored is determined by theadministrator 130. - When receiving the verification request, the
verification unit 105 newly calculates an eigenvalue (hereinafter, also referred to as a second value) as a second value based on a program stored in theprogram storage unit 102 of the own information processing device (the information processing device including the verification unit 105) 100. In addition, theverification unit 105 transmits the verification request to the otherinformation processing devices 100. Further, theverification unit 105 aggregates verification results received from the otherinformation processing devices 100. A series of verification requests are assigned with a single unique number. Theverification unit 105 stores unique numbers as a “verified list” when each of theinformation processing devices 100 completes verification. The unique number is used to determine whether verification has been completed. As an example, the verified list is configured to be capable of storing a predetermined number of unique numbers. The unique numbers in the verified list are removed from the oldest one. - The
communication unit 103 transmits the verification request to the otherinformation processing devices 100 to theinformation processing device 100 identified by the configurationinformation storage unit 104. When receiving a response to the transmitted verification request, theverification unit 105 verifies and aggregates a content of the response. The response includes identification information of theinformation processing device 100 of a verification request destination and the second value in theinformation processing device 100. The response may include a verification result of another information processing device aggregated by the verification request destination. Theverification unit 105 determines whether the verification is successful by confirming whether the received second value matches the first value stored in the verificationinformation storage unit 106. - In addition, the
verification unit 105 aggregates a verification result of the otherinformation processing device 100. When aggregating the verification result, theverification unit 105 aggregates identification information of theinformation processing device 100 to be verified and the success or failure of the verification. Theverification unit 105 may simply aggregate only the number ofinformation processing devices 100 that have succeeded in verification and the number ofinformation processing devices 100 that have failed in verification. Theverification unit 105 may prevent tampering by adding a signature of theinformation processing device 100 that has performed verification to each response. Thereafter, theverification unit 105 transmits the second value and the aggregated verification result to a verification request source. - In a case where the
information processing device 100 has a secure storage area or a secure execution environment protected in hardware, theverification unit 105 and the verificationinformation storage unit 106 may be laid out in the secure storage area or the secure execution environment. For example, a storage area in an integrated circuit (IC) chip such as a trusted platform module (TPM) and a secure element corresponds to the secure storage area. A trusted execution environment (TEE), which is a secure program execution environment such as the Intel Software Guard Extensions (SGX: Intel is a registered trademark) or ARM TrustZone (registered trademark) and a secure storage area prepared by the TEE correspond to the secure execution environment. - Next, the operation of the
information processing device 100 of the present example embodiment will be described.FIG. 3 is a flowchart illustrating verification processing executed by theverification unit 105 in theinformation processing device 100. - The verification processing is started when a verification request is received from the outside (Step S101). In the
information processing device 100 that has received the verification request, theverification unit 105 determines whether verification has been completed based on whether a unique number of the verification request is registered in a verified list (Step S102). When the verification has been completed, theverification unit 105 replies that verification has been completed to a verification request source (device that has transmitted the verification request) through the communication unit 103 (Step S103), and ends the processing. - When the verification has not been completed, the
verification unit 105 determines whether the transmission source (request source) of the verification request is the information processing device 100 (or the verification request source 120) in a cluster to which the owninformation processing device 100 belongs based on information stored in the configuration information storage unit 104 (Step S104). When the request source is theinformation processing device 100 in the cluster, the processing proceeds to Step S107. When the request source is theinformation processing device 100 outside the cluster, theverification unit 105 transmits a verification request to theinformation processing device 100 in the cluster through the communication unit 103 (Step S105). When receiving a response (reply) to the transmitted verification request, theverification unit 105 compares a second value included in the reply with the first value stored in the verificationinformation storage unit 106 to determine whether the verification is successful (Step S106). Then, the processing proceeds to Step S107. It should be noted that, in a case where the first value and the second value match, theverification unit 105 determines that the verification is successful, that is, there is no illegality related to a program in theinformation processing device 100 that has replied. - In Step S107, the
verification unit 105 determines whether there is an adjacent cluster based on information stored in the configurationinformation storage unit 104. When there is no adjacent cluster, the processing proceeds to Step S110. When there is an adjacent cluster, theverification unit 105 transmits a verification request to the adjacent cluster through the communication unit 103 (Step S108). When receiving a response (reply) to the transmitted verification request, theverification unit 105 compares a second value included in the reply with the first value stored in the verificationinformation storage unit 106 to determine whether the verification is successful (Step S109). Specifically, in a case where the first value and the second value match, theverification unit 105 determines that the verification is successful, that is, there is no illegality related to a program in theinformation processing device 100 that has replied. Then, the processing proceeds to Step S110. - In Step S110, the
verification unit 105 aggregates verification results obtained in the process of Step S106 and the process of Step S109 and a verification results sent from the otherinformation processing device 100. In addition, theverification unit 105 calculates an eigenvalue based on a program stored in theprogram storage unit 102 in the own information processing device 100 (Step S111). Then, theverification unit 105 transmits the calculated eigenvalue together with the verification result of the otherinformation processing device 100 to the verification request source (Step S112), and ends the process. The eigenvalue is received by theinformation processing device 100 which is the verification request source. Theinformation processing device 100 handles the received eigenvalue as the second value. - It should be noted that, in a case where the processes in Steps S105, S106, S108, and S109 have not been executed, the
verification unit 105 does not execute the process of Step S110. In such a case, theverification unit 105 transmits only the eigenvalue related to the owninformation processing device 100 without transmitting the verification result of the otherinformation processing device 100 in the process of Step S112. - As explained above, in the present example embodiment, the
information processing devices 100 transfer the verification requests to each other, so that verification between theinformation processing device 100 and the otherinformation processing device 100 connected thereto is executed in a distributed manner. Therefore, it is possible to prevent an increase in verification information to be held by a device that performs verification and prevent the concentration of access to one storage unit as compared with a case where a single monitoring device monitors all devices in a system. -
FIG. 4 is a block diagram illustrating a configuration example of aninformation processing device 200 of a second example embodiment. Theinformation processing device 200 comprises thecontrol unit 101, theprogram storage unit 102, thecommunication unit 103, the configurationinformation storage unit 104, averification unit 205, the verificationinformation storage unit 106, and acluster processing unit 207. - The
control unit 101 and thecommunication unit 103 illustrated inFIG. 4 have functions similar to those in the first example embodiment. A function of theverification unit 205 is different from the function of theverification unit 105 in the first example embodiment. - In the second example embodiment, the
information processing devices 200 having the same program recorded in theprogram storage units 102 are theinformation processing devices 200 belonging to the same cluster. That is, verification information on theinformation processing device 200 in the same cluster stored in the verificationinformation storage unit 106 is reduced using the identity of the program. - An example of a system including the
information processing device 200 is the system as shown inFIG. 1 . However, each of theinformation processing devices 100 inFIG. 1 is replaced with theinformation processing device 200. - The
cluster processing unit 207 calculates an eigenvalue from the program stored in theprogram storage unit 102 in the own information processing device (the information processing device including the cluster processing unit 207) 200, and makes a response to an eigenvalue request from the outside. - The
administrator 130 makes an eigenvalue request to thecluster processing unit 207 of each of theinformation processing devices 200, and configures a cluster of theinformation processing devices 200 based on the obtained eigenvalue (corresponding to a first value). A first connected graph and a second connected graph are created for the configured cluster and transmitted to each of theinformation processing devices 200. The configurationinformation storage unit 104 of theinformation processing device 200 stores configuration information. Specifically, theadministrator 130 transmits the eigenvalue request and the configuration information through, for example, a server handled by theadministrator 130 or the like, and receives the eigenvalue. - The
verification unit 205 executes verification processing (refer toFIG. 3 ) similar to that of theverification unit 105 in the first example embodiment. However, in the present example embodiment, theverification unit 205 determines whether verification is successful by comparing a second value, included in a response to a verification request obtained from the other information processing device 200 (theinformation processing device 200 other than theinformation processing device 200 including the verification unit 205) in the same cluster with the first value calculated in advance from the program stored in the programinformation storage unit 102 in the owninformation processing device 200 in the process of Step S106. In a case where the first value and the second value match, theverification unit 205 determines that the verification is successful, that is, there is no illegality related to a program in theinformation processing device 200 that has replied. It should be noted that, in theinformation processing device 200 that executes the verification processing in the present example embodiment, the first value may be stored in the verificationinformation storage unit 106 in advance, or may be calculated by theverification unit 205 every time the second value is received from the otherinformation processing device 200. - In the present example embodiment, the
verification unit 205 can perform the verification as described above because the programs stored in theprogram storage units 102 of all theinformation processing devices 200 belonging to the same cluster are the same. -
FIG. 5 is a flowchart illustrating a cluster configuration method. This processing is executed by the administrator 130 (specifically, a server handled by theadministrator 130 or the like). - The
administrator 130 requests eigenvalues as first values from all the information processing devices 200 (Step S201). In theinformation processing device 200 that has received an eigenvalue request, thecluster processing unit 207 calculates the eigenvalue of a program. Thecluster processing unit 207 sends the eigenvalue to theadministrator 130 through thecommunication unit 103. In this manner, theadministrator 130 can collect eigenvalues of all theinformation processing devices 200. Theadministrator 130 determines the identity between the programs by comparing the collected eigenvalues. Theadministrator 130 configures a cluster of the same eigenvalue (Step S202). That is, theadministrator 130 causes theinformation processing devices 200 having the programs determined to be the same to be included in the same cluster. - Next, the
administrator 130 configures a spanning tree connecting clusters as a first connected graph (Step S203). In addition, theadministrator 130 configures a spanning tree in a cluster as a second connected graph (Step S204). Information representing theinformation processing devices 200 corresponding to nodes at both ends of edges of the connected graphs (the first connected graph and the second connected graph) are transmitted to each of the information processing devices 200 (Step S205), and the processing ends. Theadministrator 130 transmits the information to theinformation processing devices 200 corresponding to both the nodes as configuration information. When thecommunication unit 103 receives the configuration information in theinformation processing device 200, the configurationinformation storage unit 104 stores the configuration information. It should be noted that the Kruskal method or the Prim method, which is an algorithm for obtaining a minimum spanning tree based on a number of hops between information processing devices, can be used as a method for forming the spanning tree. - The
information processing device 200 of the present example embodiment does not necessarily store the first values of theinformation processing devices 200 in the same cluster in the verificationinformation storage unit 106. Therefore, the verification information to be held by the verificationinformation storage unit 106 can be further reduced. - Incidentally, the
cluster processing unit 207 is provided separately from theverification unit 205 in the present example embodiment, but theverification unit 205 may function as the above-describedcluster processing unit 207 without providing thecluster processing unit 207. - In the present example embodiment, the
information processing devices 200 having similar programs recorded in theprogram storage units 102 are theinformation processing devices 200 belonging to the same cluster. That is, the storage capacity of the verificationinformation storage unit 106 for verification in the same cluster is reduced using a similarity of a program. - A configuration of the
information processing device 200 of the present example embodiment is the same as the configuration shown inFIG. 4 . - In order to calculate the similarity of the program, the
administrator 130 defines a Hamming distance based on binary values of programs, a value of a fuzzy hash of a program, and the like as an index (index value) of the similarity between programs. The administrator 130 (specifically, a server handled by theadministrator 130 or the like) determines whether programs are similar using the index value and a predetermined threshold. For example, when the index value exceeds the predetermined threshold, it is determined that the programs are similar. The index value of the similarity may be simply expressed as a similarity. -
FIG. 6 is a flowchart illustrating a cluster configuration method in the present example embodiment. This processing is executed by the administrator 130 (specifically, a server handled by theadministrator 130 or the like). - The
administrator 130 requests an index value of a similarity of a program from all the information processing devices 200 (Step S301). In theinformation processing device 200 that has received the request for the index value, thecluster processing unit 207 calculates the index value. Thecluster processing unit 207 sends the index value to theadministrator 130 through thecommunication unit 103. In this manner, theadministrator 130 can collect index values of similarities of all theinformation processing devices 200. Theadministrator 130 determines the similarity of the program by comparing the collected index values. Theadministrator 130 causes theinformation processing devices 200 having the close similarity to be included in the same cluster (Step S302). Thereafter, the processes of Steps S203 to S205 are executed similarly to the case of the second example embodiment. - The verification
information storage unit 106 stores a similarity threshold or difference information between programs as verification information (corresponding to a first value) for the otherinformation processing device 200 in the same cluster. Which verification information is to be used is determined by theadministrator 130 depending on a method of theverification unit 205. - The
verification unit 205 executes verification processing (refer toFIG. 3 ) similarly to theverification unit 105 in the first example embodiment, but in the process of Step S106, performs verification using a similarity with a program in the owninformation processing device 200 or difference information based on a verification response obtained from the otherinformation processing device 200 in the same cluster. - In the present example embodiment, the
verification unit 205 calculates an index value of the above similarity between programs as a second value handled by a verification request source in the process of Step S111. - Specifically, in a case where the verification is performed based on the similarity, the
verification unit 205 calculates a similarity between the second value (the index value of the similarity in the present example embodiment) included in the verification response and the first value calculated in advance from the program in the owninformation processing device 200. Then, theverification unit 205 determines whether the verification is successful by determining whether the obtained similarity exceeds the threshold. Specifically, when the obtained similarity exceeds the threshold, theverification unit 205 determines that the verification is successful, that is, there is no illegality related to a program in theinformation processing device 200 that has replied. In the case of using the difference information, theverification unit 205 performs a comparison with the program in the owninformation processing device 200 for the same portion, and determines whether the verification is successful using the difference information for different portions. That is, when a difference is equal to or less than a predetermined degree, theverification unit 205 determines that there is no illegality related to the program in theinformation processing device 200 that has replied. - In the present example embodiment, the
verification unit 205 can perform the verification as described above because the programs stored in theprogram storage units 102 of all theinformation processing devices 200 belonging to the same cluster are similar. - In the case where the
verification unit 205 executes verification based on the similarity, the presence or absence of tampering of a program is partially verified in the present example embodiment. In the case where theverification unit 205 executes verification using the difference information, the presence or absence of tampering of a program is verified. It should be noted that theverification unit 205 may include a similarity value used for verification and the like in a verification result as a response to a verification request. - As described above, the
information processing device 200 of the present example embodiment does not necessarily store verification information of each of theinformation processing devices 200 in the same cluster in the verificationinformation storage unit 106. The verificationinformation storage unit 106 only needs to store one similarity threshold or the difference information between programs of all theinformation processing devices 200 in the same cluster. Therefore, the verification information to be held by the verificationinformation storage unit 106 can be further reduced. - In the present example embodiment, the
information processing devices 200 having similar program attributes recorded in theprogram storage units 102 are theinformation processing devices 200 belonging to the same cluster. That is, the storage capacity of the verificationinformation storage unit 106 for verification in the same cluster is reduced using an attribute of a program. - A configuration of the
information processing device 200 of the present example embodiment is the same as the configuration shown inFIG. 4 . - The administrator 130 (specifically, a server handled by the
administrator 130 or the like) acquires information such as a program name and a signature of a developer and version information of a program in order to find an attribute of the program. Then, theadministrator 130 determines that programs by the same developer or programs which correspond to the same program in different versions are programs having similar attributes. It should be noted that signature information of a program developer may be used to prevent tampering of the program attribute. - The verification
information storage unit 106 stores an attribute of a verification target program as verification information for the otherinformation processing device 200 in the same cluster. Which type of attribute is to be used is determined by the administrator depending on a method of theverification unit 205. -
FIG. 7 is a flowchart illustrating a cluster configuration method in the present example embodiment. This processing is executed by the administrator 130 (specifically, a server handled by theadministrator 130 or the like). - The
administrator 130 requests attributes of programs as first values from all the information processing devices 200 (Step S401). In theinformation processing device 200 that has received the request, thecluster processing unit 207 extracts the attribute of the program. Thecluster processing unit 207 transmits the attribute of the program to theadministrator 130 through thecommunication unit 103. In this manner, theadministrator 130 can collect the attributes of the programs of all theinformation processing devices 200. Theadministrator 130 includes theinformation processing devices 200 having similar (or matching) program attributes in the same cluster (Step S402). Thereafter, the processes of Steps S203 to S205 are executed similarly to the case of the second example embodiment. - The
verification unit 205 executes verification processing (refer toFIG. 3 ) similarly to theverification unit 105 in the first example embodiment, but confirms whether an attribute of a program in the owninformation processing device 200 is similar to (or matches) an attribute of a program in the otherinformation processing device 200 using a verification response obtained from the otherinformation processing device 200 in the same cluster and the attribute (corresponding to the first value) of the program stored in the verificationinformation storage unit 106 in the process of Step S106. If the both are similar (or match), theverification unit 205 determines that the verification is successful, that is, there is no illegality related to the program in theinformation processing device 200 that has replied. - In addition, the
verification unit 205 reads an attribute of a program from the verificationinformation storage unit 106 and sets the read attribute as the second value handled by a verification request source in the process of Step S111 in the present example embodiment. - As described above, the
information processing device 200 of the present example embodiment does not necessarily store verification information of each of theinformation processing devices 200 in the same cluster in the verificationinformation storage unit 106. The verificationinformation storage unit 106 only needs to store the attributes of the programs for all theinformation processing devices 200 in the same cluster. Therefore, the verification information to be held by the verificationinformation storage unit 106 can be further reduced. -
FIG. 8 is a block diagram illustrating a configuration example of an information processing device of a fifth example embodiment. Aninformation processing device 500 comprises thecontrol unit 101, theprogram storage unit 102, thecommunication unit 103, the configurationinformation storage unit 104, theverification unit 105, the verificationinformation storage unit 106, and acluster processing unit 507. - The
control unit 101, thecommunication unit 103, and theverification unit 105 illustrated inFIG. 8 have functions similar to those in the first example embodiment. - In the present example embodiment, a cluster is configured in a distributed manner in the system without the
administrator 130 being involved in the configuration of the cluster. - An example of a system including the
information processing device 100 is the system as shown inFIG. 1 . However, each of theinformation processing devices 100 inFIG. 1 is replaced with theinformation processing device 500. - The
cluster processing unit 507 in a certaininformation processing device 500 in the system autonomously configures a cluster. Thecluster processing unit 507 configures a first connected graph and a second connected graph. Thecluster processing unit 507 stores configuration information in the configurationinformation storage unit 104. Then, thecluster processing unit 507 requests an eigenvalue from the adjacentinformation processing device 500 based on the configuration information. When the adjacentinformation processing device 500 transmits the eigenvalue in response to the request, the eigenvalue is received by thecommunication unit 103 and stored in the verificationinformation storage unit 106 as a first value. - The
cluster processing unit 507 can use a clustering method used in a distributed system as a cluster configuration method. For example, thecluster processing unit 507 calculates cost based on a number of hops of a network. If the system is a wireless network, thecluster processing unit 507 calculates the cost based on signal intensity. Thecluster processing unit 507 can configure a cluster by comparing the calculated cost with a predetermined threshold. As an example, thecluster processing unit 507 configures the cluster by obtaining a spanning tree that minimizes the cost. - In addition, it is also possible to select a representative node (the
information processing device 500 in charge of processing for the cluster configuration) by using a leader election algorithm and entrust the representative node with a role of an administrator. In this case, the selected leader (representative node) collects pieces of information of all nodes (all the information processing devices 500). Then, the leader configures a first connected graph and a second connected graph based on a distance such as the number of hops between nodes. The leader transmits a unique ID of an adjacent node to each node based on configuration information (the first connected graph and the second connected graph). In each node, the configurationinformation storage unit 104 stores the received ID. It should be noted that selection of a representative node may be performed again to select a leader for each cluster regarding the configuration of the second connected graph. In this case, the selected leader calculates a second connected graph and transmits information of an adjacent node to each node. - As described above, the cluster is autonomously configured in the system including the
information processing device 500 of the present example embodiment. Therefore, it is unnecessary for theadministrator 130 to intensively manage information of a large number ofinformation processing devices 500. - In the present example embodiment, one verification server is arranged in each cluster, and verification processing is performed by an information processing device and a verification server.
-
FIG. 9 is an explanatory diagram illustrating an example of a system including the information processing device of the present example embodiment. In the example illustrated inFIG. 9 , acluster 620A includes one verification server 610A in addition to a plurality ofinformation processing devices 600. A cluster 620B includes averification server 610B in addition to a plurality ofinformation processing devices 600. A verification request is transmitted from averification request source 630 to any one of the verification servers. In the example shown inFIG. 9 , the verification request is transmitted to the verification server 610A. The verification server 610A, which receives the verification request, transmits the verification request to theinformation processing device 600 in thecluster 620A. In addition, the verification server 610A transmits the verification request to the verification server 620B of theadjacent cluster 610B. Then, verification processing of the entire system is performed. It should be noted that theverification request source 630 is specifically, for example, a server. In addition, the specificinformation processing device 600 and the verification server 610A or theverification server 610B can also start a verification request to another verification server in the present example embodiment. -
FIG. 10 is a block diagram illustrating a configuration example of theinformation processing device 600 of the present example embodiment. Theinformation processing device 600 comprises thecontrol unit 101, theprogram storage unit 102, thecommunication unit 103, and a verification response unit 605. - The
control unit 101 and thecommunication unit 103 illustrated inFIG. 10 have functions similar to those in the first example embodiment. - The verification response unit 605 newly calculates a second value from a program stored in the
program storage unit 102 in the own information processing device (information processing device including the verification response unit 605) 600, and makes a response to a verification request. A unique number is assigned to each verification request. The unique number is used to determine whether verification has been completed. -
FIG. 11 is a block diagram illustrating a configuration example of theverification server 610. Theverification server 610 comprises acontrol unit 611, aprogram storage unit 612, acommunication unit 613, a configurationinformation storage unit 614, averification unit 615, and a verificationinformation storage unit 616. Configurations of the verification server 610A and theverification server 610B shown inFIG. 9 are the same as the configuration of theverification server 610. In other words, theverification server 610 is illustrated inFIG. 11 in order to describe the configurations of the verification server 610A and theverification server 610B. - The
communication unit 613 communicates with a connection destination device through a network (not shown) such as the Internet. Theverification unit 615 newly calculates a second value from a program stored in theprogram storage unit 612 in the own device (the verification server 610). Theverification unit 615 transmits a verification request to theinformation processing device 600 through thecommunication unit 613. In addition, theverification unit 615 makes a response to a verification request source based on a verification result. A unique number is assigned to each verification request. The unique number is used to determine whether verification has been completed. When transmitting the verification request to theinformation processing device 600, theverification unit 615 transmits the verification request, referring to information that can identify theinformation processing device 600 stored in the configurationinformation storage unit 614. - In addition, the
verification unit 615 compares the second value included in the verification response received from theinformation processing device 600 with a first value included in the verificationinformation storage unit 616 to determine whether the verification is successful. Specifically, in a case where the first value and the second value match, theverification unit 615 determines that the verification is successful, that is, there is no illegality related to a program in theinformation processing device 600 that has replied. In addition, the verification result of theinformation processing device 600 included in the verification response is aggregated. After verifying the responses of all the verification requests and calculating the own second value, theverification unit 615 transmits these results to theverification request source 630. - Next, the operation of the
information processing device 600 of the present example embodiment will be described.FIG. 12 is a flowchart illustrating verification processing executed by the verification response unit 605 in theinformation processing device 600. - The verification processing is started when a verification request is received from the outside (Step S601). When receiving the verification request, the verification response unit 605 in the
information processing device 600 determines whether verification has been completed based on whether a unique number of the verification request is registered in a verified list (Step S602). When the verification has been completed, the verification response unit 605 replies that verification has been completed to a verification request source (device that has transmitted the verification request) through the communication unit 103 (Step S603), and ends the processing. - When the verification has not been completed, the verification response unit 605 calculates an eigenvalue based on information stored in the
program storage unit 102 in the own information processing device 600 (Step S604). The verification response unit 605 transmits the eigenvalue to the verification request source (Step S605). Then, the processing ends. The eigenvalue is received by the verification server 610 (theverification servers 610A, 610B). Theverification server 610 handles the received eigenvalue as a second value. - Next, an operation of the
verification server 610, that is, operations of theverification servers 610A, 610B will be described.FIG. 13 is a flowchart illustrating verification processing executed by theverification unit 615 of theverification server 610. - The verification processing is started when a verification request from the outside or a verification request generated by the
own control unit 611 is received (Step S611). When receiving the verification request, theverification unit 615 in theverification server 610 determines whether verification has been completed based on whether a unique number of the verification request is registered in a verified list (Step S612). When the verification has been completed, theverification unit 615 replies that verification has been completed to a verification request source (verification server that has transmitted the verification request) through the communication unit 613 (Step S613), and ends the processing. - When the verification has not been completed, the
verification unit 615 transmits a verification request to theinformation processing device 600 in the cluster (Step S615). When receiving a response (reply) to the transmitted verification request, theverification unit 615 compares a second value included in the reply with a first value stored in the verificationinformation storage unit 616 to determine whether the verification is successful (Step S616). Specifically, in a case where the first value and the second value match, theverification unit 615 determines that the verification is successful, that is, there is no illegality related to a program in theinformation processing device 600 that has replied. - Next, the
verification unit 615 determines whether there is an adjacent cluster based on information stored in the configuration information storage unit 614 (Step S617). When there is no adjacent cluster, the processing proceeds to Step S620. When there is an adjacent cluster, theverification unit 615 transmits a verification request to theverification server 610 of the adjacent cluster (Step S618). Theverification unit 615 compares a second value in a response content with a first value of the verificationinformation storage unit 616 to determine whether the verification is successful (Step S619). Specifically, in a case where the first value and the second value match, theverification unit 615 determines that the verification is successful, that is, there is no illegality related to a program in theinformation processing device 600 in the adjacent cluster. It should be noted that the verification server of the adjacent cluster is theverification server 610B in a case where theverification server 610 that transmits the verification request is the verification server 610A when referring toFIG. 9 . In a case where theverification server 610 that transmits the verification request is theverification server 610B, the verification server of the adjacent cluster is the verification server 610A. - Then, in Step S620, the
verification unit 615 aggregates verification results obtained in the processing in Step S616 and the processing in Step S619, and verification results transmitted from theinformation processing device 600 and the other verification server 610 (Step S620). In addition, theverification unit 615 calculates an eigenvalue related to the program stored in the program storage unit 612 (Step S621). Theverification unit 615 transmits the calculated eigenvalue together with the verification result of the other information processing device to the verification request source through the communication unit 613 (Step S622), and ends the processing. The eigenvalue is received by the verification server 610 (theverification servers 610A and, 610B) or theverification request source 630. Theverification server 610 or theverification request source 630 handles the received eigenvalue as the second value. - As described above, in the present example embodiment, the
information processing device 600 and theverification server 610 transfer the verification requests to each other, so that verification among theverification server 610, the otherinformation processing device 600 connected thereto, and theother verification server 610 is executed in a distributed manner. Therefore, it is possible to prevent an increase in verification information and the concentration of access to one storage unit. - It should be noted that it is also possible to employ an example embodiment in which some configurations of any one of the example embodiments are added to another example embodiment or replaced with some configuration of another example embodiment.
- The same verification method is used for all clusters in each of the above example embodiment, but the verification method may be changed for each cluster as an example. For example, the second example embodiment may be adopted for a cluster including the
information processing devices 100 in which the same program is stored in theprogram storage units 102, and another example embodiment may be adopted for the other clusters. - In addition, clusters are configured such that verification between information processing devices in a cluster and verification between adjacent clusters are performed in each of the above example embodiments, but more-layered cluster configuration may be constructed by further clustering one cluster. In such a case, the verification processing in each of the above example embodiments may be realized by regarding the cluster as one information processing device. For example, one cluster among a plurality of clusters having a more-layered structure is regarded as a cluster that transmits a verification request to another information processing device or cluster.
- Although the components in the above exemplary embodiments may be configured with a piece of hardware or a piece of software. Alternatively, the components may be configured with a plurality of pieces of hardware or a plurality of pieces of software. Further, part of the components may be configured with hardware and the other part with software.
- The functions (processes) in the above exemplary embodiments may be realized by a computer having a processor such as a central processing unit (CPU), a memory, etc. For example, a program for performing the method (processing) in the above exemplary embodiments may be stored in a storage device (storage medium), and the functions may be realized with the CPU executing the program stored in the storage device.
-
FIG. 14 is a block diagram illustrating an example of the computer having the CPU. The computer can be mounted on theinformation processing devices verification server 610. TheCPU 1000 executes processing in accordance with a program stored in astorage device 1001 to realize the functions in the above exemplary embodiments. That is to say, the functions of thecontrol unit 101, the software part of thecommunication unit 103, theverification units cluster processing units information processing devices FIGS. 2, 4, 8, and 10 , and the functions of thecontrol unit 611, the software part of thecommunication unit 613, and theverification unit 615 in theverification server 610 shown inFIG. 11 are realized. - The
storage device 1001 is, for example, a non-transitory computer readable medium. The non-transitory computer readable medium includes various types of tangible storage media. Specific examples of the non-transitory computer readable medium include magnetic storage media (for example, flexible disk, magnetic tape, hard disk drive), magneto-optical storage media (for example, magneto-optical disc), compact disc-read only memory (CD-ROM), compact disc-recordable (CD-R), compact disc-rewritable (CD-R/W), and semiconductor memories (for example, mask ROM, programmable ROM (PROM), erasable PROM (EPROM), flash ROM). Theprogram storage unit 102 shown inFIGS. 2, 4, 8, and 10 and theprogram storage unit 612 shown inFIG. 11 are realized by thestorage device 1001. - The program may be stored in various types of transitory computer readable media. The transitory computer readable medium is supplied with the program through, for example, a wired or wireless communication channel, or, through electric signals, optical signals, or electromagnetic waves.
- In addition, the configuration
information storage unit 104 and the verificationinformation storage unit 106 shown inFIGS. 2, 4, and 8 , and the configurationinformation storage unit 614 and the verificationinformation storage unit 616 shown inFIG. 11 are realized by amemory 1002 or thestorage device 1001. -
FIG. 15 is a block diagram illustrating the main part of an information processing device. An information processing device 10 shown inFIG. 15 comprises configuration information storage means 11 (realized by the configurationinformation storage unit 104 in the example embodiment) for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, verification information management means 12 (realized by theverification unit information storage unit 106 in the example embodiment) for managing a first value corresponding to a content of a program of each of the information processing devices in the system, and verification means 13 (realized by theverification unit - The information processing device 10 may further comprises a cluster processing means (realized by the
cluster processing unit -
FIG. 16 is a block diagram illustrating the main part of a verification system. A verification system 20 shown inFIG. 16 comprises a verification server 30 including configuration information storage means 31 (realized by the configuration information storage unit 614 in the example embodiment) for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, and verification information management means 32 (realized by the verification unit 615 and the verification information storage unit 616 in the example embodiment) for managing a first value corresponding to a content of a program of each of the information processing devices in the system, and an information processing device 40, belonging to a cluster to which the verification server 30 belongs, including verification response means 41 (realized by the verification response unit 605 in the example embodiment) for deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request, wherein the verification server 30 further comprises verification means 33 (realized by the verification unit 615 in the example embodiment) for transmits the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifies the program in the information processing device by comparing the second value received from the information processing device with the first value. - Some or all of the above example embodiments can be described as in the following supplementary notes, but are not limited to the following supplementary notes.
- (Supplementary note 1) An information processing device comprising:
-
- configuration information storage means for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to;
- verification information management means for managing a first value corresponding to a content of a program of each of the information processing devices in the system; and
- verification means for deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request,
- wherein the verification means transmits the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifies the program in the information processing device by comparing the second value received from the information processing device with the first value.
- (Supplementary note 2) The information processing device according to
Supplementary note 1, wherein -
- the verification information management means is verification information storage means for storing the first value calculated from the program.
- (Supplementary note 3) The information processing device according to
Supplementary note 1, wherein -
- the cluster is formed of information processing devices having an identical program, and
- the first value managed by the verification information management means is a common value for each of the information processing devices in the cluster, and
- the verification means compares the second value received from each of the information processing devices in the cluster with the common value.
- (Supplementary note 4) The information processing device according to
Supplementary note 1, wherein -
- the cluster is formed of information processing devices having similar programs,
- the first value managed by the verification information management means is an index value for determining a similarity calculated from the programs, and
- the verification means verifies the program of each of the information processing devices in the cluster by determining a similarity between the first value and an index value as the second value.
- (Supplementary note 5) The information processing device according to
Supplementary note 1, wherein -
- the cluster is formed of information processing devices having programs whose attributes are similar,
- the first value managed by the verification information management means is the attribute of the program, and
- the verification means verifies the program of each of the information processing devices in the cluster by determining whether the first value matches the attribute of the program as the second value.
- (Supplementary note 6) The information processing device according to any one of
Supplementary notes 1 to 5, further comprising -
- cluster processing means for configuring the cluster based on cost between the information processing devices in the system.
- (Supplementary note 7) A verification system comprising:
-
- a verification server including configuration information storage means for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, and verification information management means for managing a first value corresponding to a content of a program of each of the information processing devices in the system; and
- an information processing device, belonging to a cluster to which the verification server belongs, including verification response means for deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request,
- wherein the verification server further comprises verification means for transmits the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifies the program in the information processing device by comparing the second value received from the information processing device with the first value.
- (Supplementary note 8) An information processing method comprising:
-
- storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to;
- managing a first value corresponding to a content of a program of each of the information processing devices in the system;
- deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request; and
- transmitting the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifying a program in the information processing device by comparing the second value received from the information processing device with the first value.
- (Supplementary note 9) The information processing method according to Supplementary note 8, wherein
-
- the first value is managed by storing the first value calculated from a program.
- (Supplementary note 10) The information processing method according to Supplementary note 8, wherein
-
- the cluster is formed of information processing devices having an identical program, and
- the first value is a common value for each of the information processing devices in the cluster, and
- the program in the information processing device is verified by comparing the second value received from each of the information processing devices in the cluster with the common value.
- (Supplementary note 11) The information processing method according to Supplementary note 8, wherein
-
- the cluster is formed of information processing devices having programs whose attributes are similar,
- the first value is an index value of a similarity calculated from the programs in the information processing devices, and
- the program of each of the information processing devices in the cluster is verified by determining a similarity between the first value and an index value as the second value.
- (Supplementary note 12) The information processing method according to Supplementary note 8, wherein
-
- the cluster is formed of information processing devices having programs whose attributes are similar,
- the first value is the attribute of the program, and
- the program of each of the information processing devices in the cluster is verified by determining whether the first value matches the attribute of the program as the second value.
- (Supplementary note 13) The information processing method according to any one of Supplementary notes 8 to 12, further comprising
-
- configuring the cluster based on cost between the information processing devices in the system.
- (Supplementary note 14) An information processing program for causing a computer to execute:
-
- a process of managing a first value corresponding to a content of a program of each of information processing devices in a system including a plurality of the information processing devices;
- a process of deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request; and
- a process of transmitting a verification request to the information processing device in a cluster identified by cluster configuration information making it possible to identify which cluster each information processing device in the system including multiple information processing devices belongs to, and verifying a program in the information processing device by comparing the second value received from the information processing device with the first value.
- While the present invention has been explained with reference to the example embodiment, the present invention is not limited to the aforementioned example embodiment. Various changes understandable to those skilled in the art within the scope of the present invention can be made to the structures and details of the present invention.
-
- 10, 40 Information processing device
- 11 Configuration information storage means
- 12 Verification information management means
- 13 Verification means
- 20 Verification system
- 30 Verification server
- 31 Configuration information storage means
- 32 Verification information management means
- 33 Verification means
- 41 Verification response means
- 100, 200, 500, 600 Information processing device
- 101 Control unit
- 102 Program storage unit
- 103 Communication unit
- 104 Configuration information storage unit
- 105, 205 Verification unit
- 106 Verification information storage unit
- 110A, 110B, 620A, 620B Cluster
- 120 Verification request source
- 130 Administrator
- 207, 507 Cluster processing unit
- 605 Verification response unit
- 610, 610A, 610B Verification server
- 611 Control unit
- 612 Program storage unit
- 613 Communication unit
- 614 Configuration information storage unit
- 615 Verification unit
- 616 Verification information storage unit
- 630 Verification request source
- 1000 CPU
- 1001 Storage device
- 1002 Memory
Claims (14)
1. An information processing device comprising:
configuration information storage means for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to;
verification information management means for managing a first value corresponding to a content of a program of each of the information processing devices in the system; and
verification means for deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request,
wherein the verification means transmits the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifies the program in the information processing device by comparing the second value received from the information processing device with the first value.
2. The information processing device according to claim 1 , wherein
the verification information management means is verification information storage means for storing the first value calculated from the program.
3. The information processing device according to claim 1 , wherein
the cluster is formed of information processing devices having an identical program, and
the first value managed by the verification information management means is a common value for each of the information processing devices in the cluster, and
the verification means compares the second value received from each of the information processing devices in the cluster with the common value.
4. The information processing device according to claim 1 , wherein
the cluster is formed of information processing devices having similar programs,
the first value managed by the verification information management means is an index value for determining a similarity calculated from the programs, and
the verification means verifies the program of each of the information processing devices in the cluster by determining a similarity between the first value and an index value as the second value.
5. The information processing device according to claim 1 , wherein
the cluster is formed of information processing devices having programs whose attributes are similar,
the first value managed by the verification information management means is the attribute of the program, and
the verification means verifies the program of each of the information processing devices in the cluster by determining whether the first value matches the attribute of the program as the second value.
6. The information processing device according to claim 1 , further comprising
cluster processing means for configuring the cluster based on cost between the information processing devices in the system.
7. A verification system comprising:
a verification server including configuration information storage means for storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, and verification information management means for managing a first value corresponding to a content of a program of each of the information processing devices in the system; and
an information processing device, belonging to a cluster to which the verification server belongs, including verification response means for deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request,
wherein the verification server further comprises verification means for transmits the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifies the program in the information processing device by comparing the second value received from the information processing device with the first value.
8. An information processing method comprising:
storing cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to;
managing a first value corresponding to a content of a program of each of the information processing devices in the system;
deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request; and
transmitting the verification request to an information processing device in the cluster identified by the cluster configuration information in response to reception of the verification request, and verifying a program in the information processing device by comparing the second value received from the information processing device with the first value.
9. The information processing method according to claim 8 , wherein
the first value is managed by storing the first value calculated from a program.
10. The information processing method according to claim 8 , wherein
the cluster is formed of information processing devices having an identical program, and
the first value is a common value for each of the information processing devices in the cluster, and
the program in the information processing device is verified by comparing the second value received from each of the information processing devices in the cluster with the common value.
11. The information processing method according to claim 8 , wherein
the cluster is formed of information processing devices having programs whose attributes are similar,
the first value is an index value of a similarity calculated from the programs in the information processing devices, and
the program of each of the information processing devices in the cluster is verified by determining a similarity between the first value and an index value as the second value.
12. The information processing method according to claim 8 , wherein
the cluster is formed of information processing devices having programs whose attributes are similar,
the first value is the attribute of the program, and
the program of each of the information processing devices in the cluster is verified by determining whether the first value matches the attribute of the program as the second value.
13. The information processing method according to claim 8 , further comprising
configuring the cluster based on cost between the information processing devices in the system.
14. A non-transitory computer readable information recording medium storing an information processing program that, when executed by a processor, performs:
managing a first value corresponding to a content of a program of each of information processing devices in a system including a plurality of the information processing devices;
deriving a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmitting the second value to a transmission source of the verification request; and
transmitting a verification request to the information processing device in a cluster identified by cluster configuration information making it possible to identify which cluster each information processing device in the system including multiple information processing devices belongs to, and verifying a program in the information processing device by comparing the second value received from the information processing device with the first value.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2019/000082 WO2020144729A1 (en) | 2019-01-07 | 2019-01-07 | Information processing device, verification system, and information processing method |
Publications (1)
Publication Number | Publication Date |
---|---|
US20220058259A1 true US20220058259A1 (en) | 2022-02-24 |
Family
ID=71521479
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/420,329 Pending US20220058259A1 (en) | 2019-01-07 | 2019-01-07 | Information processing device, verification system, and information processing method |
Country Status (3)
Country | Link |
---|---|
US (1) | US20220058259A1 (en) |
JP (1) | JP7147873B2 (en) |
WO (1) | WO2020144729A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20220164464A1 (en) * | 2019-03-14 | 2022-05-26 | Omron Corporation | Control system, method, and control device |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP7237298B2 (en) | 2018-10-02 | 2023-03-13 | 浩明 永井 | Drag washers, drag mechanisms, and fishing reels |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040083390A1 (en) * | 2000-12-29 | 2004-04-29 | Jean-Christophe Cuenod | Method of restricting access, for the benefit of authorised users, to resources belonging to interactive services with at least one package of services |
US20070145124A1 (en) * | 2005-12-27 | 2007-06-28 | Minoru Handa | Communication system, reader/writer, authentication method, and computer program |
US20130263262A1 (en) * | 2011-09-07 | 2013-10-03 | Jeff B. Forristal | Verifying firmware integrity of a device |
US20210176609A1 (en) * | 2017-12-20 | 2021-06-10 | Sony Corporation | Information processing device, information processing method, information processing system, and program |
US11316868B2 (en) * | 2017-02-24 | 2022-04-26 | Nec Corporation | Information verification system, information verification device, method and program |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP6351000B2 (en) | 2016-11-02 | 2018-07-04 | パナソニックIpマネジメント株式会社 | Broadcast reception system and broadcast communication cooperation system |
-
2019
- 2019-01-07 JP JP2020565042A patent/JP7147873B2/en active Active
- 2019-01-07 WO PCT/JP2019/000082 patent/WO2020144729A1/en active Application Filing
- 2019-01-07 US US17/420,329 patent/US20220058259A1/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040083390A1 (en) * | 2000-12-29 | 2004-04-29 | Jean-Christophe Cuenod | Method of restricting access, for the benefit of authorised users, to resources belonging to interactive services with at least one package of services |
US20070145124A1 (en) * | 2005-12-27 | 2007-06-28 | Minoru Handa | Communication system, reader/writer, authentication method, and computer program |
US20130263262A1 (en) * | 2011-09-07 | 2013-10-03 | Jeff B. Forristal | Verifying firmware integrity of a device |
US11316868B2 (en) * | 2017-02-24 | 2022-04-26 | Nec Corporation | Information verification system, information verification device, method and program |
US20210176609A1 (en) * | 2017-12-20 | 2021-06-10 | Sony Corporation | Information processing device, information processing method, information processing system, and program |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20220164464A1 (en) * | 2019-03-14 | 2022-05-26 | Omron Corporation | Control system, method, and control device |
Also Published As
Publication number | Publication date |
---|---|
WO2020144729A1 (en) | 2020-07-16 |
JP7147873B2 (en) | 2022-10-05 |
JPWO2020144729A1 (en) | 2021-11-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11914712B1 (en) | Blockchain based secure naming and update verification | |
EP3178011B1 (en) | Method and system for facilitating terminal identifiers | |
EP3639471B1 (en) | Systems and methods for security of network connected devices | |
JP7214838B2 (en) | How certificate status is determined | |
KR101937220B1 (en) | Method for generating and verifying a digital signature or message authentication code based on a block chain that does not require key management | |
US10581849B2 (en) | Data packet transmission method, data packet authentication method, and server thereof | |
CN103098070A (en) | Methods, apparatus and systems for monitoring locations of data within a network service | |
CN103986743A (en) | Method, apparatus and system for acquiring data in Internet of Things | |
US20200218815A1 (en) | Systems and methods for distributed ledger management | |
US10511488B2 (en) | Device, system and method for performing integrity verification based on distributed delegator | |
US10389693B2 (en) | Keys for encrypted disk partitions | |
KR102324361B1 (en) | Apparatus and method for detecting malicious devices based on a swarm intelligence | |
US10491513B2 (en) | Verifying packet tags in software defined networks | |
US11917081B2 (en) | Issuing device and method for issuing and requesting device and method for requesting a digital certificate | |
US20240104213A1 (en) | Securing node groups | |
US20220058259A1 (en) | Information processing device, verification system, and information processing method | |
CN111131144B (en) | IoT (Internet of things) equipment management method, device, server and storage medium | |
KR102229438B1 (en) | Cloud computing and blockchain based smart home system | |
US10326599B2 (en) | Recovery agents and recovery plans over networks | |
JP2019008738A (en) | Verification device | |
KR102306466B1 (en) | System for non-replicable authentication and location estimation and operation method thereof | |
CN114567678A (en) | Resource calling method and device of cloud security service and electronic equipment | |
KR20200106435A (en) | Method and apparatus for authenticating user | |
KR102028725B1 (en) | Method and apparatus for authenticating user | |
US20230409694A1 (en) | Secure Device Tracking Via Device Ownership Service |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |